Hi, Randy! Thanks for joining us!
The company I'm part of (G2) is a small business here in the states, and I know that none of us has money to just give away to the bad guys. I'm sorry to hear your org fell prey to rotten criminals.
Your note mentioned that you're looking at security tools and trying to replace security "top to bottom". Tools are important, and you might need a complete rebuild, but I would encourage you to take a look at the Cybersecurity Framework (or CSF) that CForum is organized around.
The CSF was built by thousands of security teammates around the world, looking to find ways to deal with attacks like the ones you mentioned. We found that none of us have resources to just randomly throw at the problem, so we have to prioritize understanding of what needs to be done to protect what's really important to each company, then select the right tools to accomplish those priority outcomes.
If you'd like to learn more about CSF, it's available here, and there's a supporting site at http://www.nist.gov/cyberframework. The industry resources page there has dozens of links to examples of how other organizations are already using it. Meanwhile, we have some free templates that might help get you started - please feel free to PM me via the CForum or drop me a note at greg.witte <at> g2-inc.com.